On Thu July 9 2009, Tomas Mraz wrote: > On Thu, 2009-07-09 at 17:59 +0200, Till Maas wrote: > > On Thu July 9 2009, yersinia wrote: > > > But something one have to pay a security prize on not disabling it : > > > it render impossible to have a > > > centralizzated security integrity management (e.g. rfc.sf.net for > > > example) or one have to skip from check the prelink binary. Very bad i > > > think. > > > > You pay a security prize if you disable prelink, because it also performs > > address space randomization: > > http://lwn.net/Articles/190139/ > > That's nonsense. Actually with prelink the randomization is done only > when prelink is rerun as the addresses can change only during the > prelinking. I fail to understand what is nonsense, since you agree that prelink performs randomization. Regards Till
Description: This is a digitally signed message part.